authorlloyd <[email protected]>2013-02-06 18:23:01 +0000
committerlloyd <[email protected]>2013-02-06 18:23:01 +0000
commita6a6080e0b04751b6abb15d416626be43567a1b3 (patch)
tree335ec0983f4cec2a865eceb2d9d96ab50c4efe42
parent06fc6aa688dcb4d4b1d742c7978c020f94b82e5b (diff)
Prefer RC4 over AES. Gak.
-rw-r--r--doc/relnotes/1_11_2.rst4
-rw-r--r--src/tls/tls_policy.cpp6
2 files changed, 7 insertions, 3 deletions
diff --git a/doc/relnotes/1_11_2.rst b/doc/relnotes/1_11_2.rst
index 88d161d23..95a86cbdf 100644
--- a/doc/relnotes/1_11_2.rst
+++ b/doc/relnotes/1_11_2.rst
@@ -1,6 +1,10 @@
Version 1.11.2, Not Yet Released
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+* The default TLS policy formerly preferred AES over RC4, and allowed
+ 3DES by default. Now the default policy is to negotiate only either
+ AES or RC4, and to prefer RC4.
+
* The new filter :cpp:class:`Threaded_Fork` acts like a normal
:cpp:class:`Fork,` sending its input to a number of different
filters, but each subchain of filters in the fork runs in its own
diff --git a/src/tls/tls_policy.cpp b/src/tls/tls_policy.cpp
index e98fe66b2..98e3c6bca 100644
--- a/src/tls/tls_policy.cpp
+++ b/src/tls/tls_policy.cpp
@@ -19,10 +19,10 @@ namespace TLS {
std::vector<std::string> Policy::allowed_ciphers() const
{
return std::vector<std::string>({
- "AES-256",
- "AES-128",
"ARC4",
- "3DES",
+ "AES-128",
+ "AES-256",
+ //"3DES",
//"Camellia-256",
//"Camellia-128",
//"SEED"
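Review bot: Moving `"ARC4"` to the top of the list in `Policy::allowed_ciphers()` makes RC4 the first choice on every connection, yet neither the code nor the commit message records why; the release note states the new preference but gives no rationale. RC4 has known keystream biases, so if the motive is to steer away from CBC suites in older protocol versions (an assumption, nothing visible here says so), the ordering is a trade-off that also applies to peers able to negotiate AES without that problem. At minimum, add a comment above the list, for example `// Listed in preference order. ARC4 is first only to avoid CBC-mode suites; revisit when ordering can depend on the negotiated version.`, and consider keeping AES first in the default policy while leaving the RC4 preference to an overriding policy. The initializer list and the rest of the function continue past the end of this hunk, so the closing entries are not visible here.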